Wireless internetworking offers three technologies. Each provides a different reach but, in time, will augment the others. For wide-area coverage, cellular-based wireless is the technology to watch. Yet for all the marketing money vendors are spending, it's still easy to miss the salient points. For local areas, WLAN (802.11) has emerged as a usable technology. And last, personal-area internetworking will be based on Bluetooth technology. Each of these presents different risk models, but for now let's examine only those inherent in WLAN.
WLAN Under Attack
The 802.11 specification comes to us from the IEEE and provides 11 Mbps of data capacity at reasonable prices. It does have a security model in the form of WEP. WLAN has two deployment models: private, in which one organization owns all the wireless devices in the WLAN; and public, in which the WLAN is a fee-based usage service. The advent of public WLAN offerings has revealed the flaws inherent in the WEP private enclave model. The specification does not provide any key management facilities -- not even those provided by DOCSIS.
For the moment, let's ignore the attack on WEP. WEP uses 40-bit or 104-bit keys that must be entered into each device. Up to four keys can be in a card at one time, so (providing for key changing) a device can participate in two private enclaves. For example, the two keys could provide access to both the corporate WLAN and one remote WLAN, or perhaps one office in a shared facility and your townhouse WLAN at home. The security community well understands the need for a key distribution system, since static keys are too hard to handle.
WEP, as it's defined, is worthless in public WLANs -- can you imagine the sign in Starbucks: "Today's WEP password is 0x7439576016"? Public WLAN providers, like MobileStar, recommend instead that their customers use VPN technologies to protect valuable information. As I've pointed out previously, no tools can tell a VPN user that the data is actually traveling over the VPN. Additionally, too much Web traffic needs protection, since many Web sites do not encrypt logins, personal data or cookies.
WLAN needs a more effective security model; TLS (RFC 2246) could provide the best model. DOCSIS and IPsec/IKE both need a PKI for the clients, as well as the server certificates. The TLS anonymous-client model efficiently exchanges keys with a minimal PKI. A public WLAN access point could be loaded with a certificate from a well-known CA (certificate authority), as is done today for Web servers. A home access point would have a self-signed certificate that would also be loaded in each of the home systems. A small company could use its CA (for example, the Microsoft CA for Windows 2000) to issue certificates to its access points and mobile agents to limit access to its wireless network.
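The three trust arrangements just described (a home access point with a self-signed certificate pinned on each home system, a company CA issuing certificates to its own access points, and a client that rejects any access point it cannot chain to its one trust anchor), as an added Go example that is not the column's own code: it mints the certificates with the standard library and shows what an anonymous client accepts or rejects. Host names such as ap.home.example and corp-wlan-ca.example are constructed for the demo.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue mints a certificate for name: self-signed when parent is nil (the home AP), otherwise signed by parent/parentKey (a company CA issuing to its APs).
func issue(name string, isCA bool, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader) // demo only: key generation errors ignored
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: name},
		DNSNames:     []string{name}, // the name the client will check against
		NotBefore:    time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA:         isCA,
		BasicConstraintsValid: true,
	}
	if parent == nil { // self-signed: the template is its own issuer
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der) // DER produced above always parses
	return cert, key
}

// clientAccepts is the anonymous-client side: the station presents no certificate of its own and accepts the access point only if apCert chains to its single trust anchor and names apName.
func clientAccepts(anchor, apCert *x509.Certificate, apName string) bool {
	roots := x509.NewCertPool()
	roots.AddCert(anchor)
	_, err := apCert.Verify(x509.VerifyOptions{Roots: roots, DNSName: apName})
	return err == nil
}

func main() {
	homeAP, _ := issue("ap.home.example", false, nil, nil)        // self-signed, copied to each home system
	corpCA, caKey := issue("corp-wlan-ca.example", true, nil, nil) // the company's own CA
	corpAP, _ := issue("ap.corp.example", false, corpCA, caKey)   // AP certificate issued by that CA
	fmt.Println(clientAccepts(homeAP, homeAP, "ap.home.example")) // true: pinned self-signed cert
	fmt.Println(clientAccepts(corpCA, corpAP, "ap.corp.example")) // true: chains to the company CA
	fmt.Println(clientAccepts(corpCA, homeAP, "ap.home.example")) // false: unknown access point
}
```

A public access point fits the same check with a well-known CA's root as the anchor, which is the only case here that also needs a certificate name the client can obtain out of band.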
Dealing With Problems Today
The IEEE is working on fixing WEP, now that we know it's attackable, so this is the time to make it work in all situations with a solid key-distribution mechanism. The IEEE need not totally reinvent such mechanisms, as there are working examples deployed already. Because a WEP replacement will take time to appear in WLAN products, for now, use a VPN for any protocol that may contain sensitive information. Just double-check to make sure it's really protecting your communications.
Robert Moskowitz is a senior technical director at ICSA Labs, a division of TruSecure Corp. Send your comments on this column to him at rgm@htt-consult.com.